本文引用于 猫玖云 https://blog.csdn.net/qq_63573498
一、项目介绍
两个文件实现PHP接入支付宝当面付功能,包括发起支付和支付回调应答
注意:
- notify.php仅需要填写支付宝公钥以及支付成功后的相关逻辑即可
- NotifySerice类中的内容无需修改
- 务必在支付宝官方添加IP白名单
- 支付宝当面付还会有一个同步回调,这里没有研究
- 支付宝需要用到的参数只有公钥、私钥、appid,并且申请难度比微信要低
二、准备资料
1、appid
1.1 私钥
1.2 公钥
2、在支付宝官方开启IP白名单
三、支付代码
1、index.php
注意:
1.1 index.php中的支付成功通知地址需要用https协议,该文件内容,下面会给出
1.2 务必在支付宝官方开启IP白名单
1.3 仅需要补充或修改IndexService类上边的内容即可,IndexService类中不需修改
<?php
//支付配置
$appid = ''; //APPID
$rsaPrivateKey= ''; //私钥
//默认配置
$notifyUrl = 'https://***/notify.php'; //付款成功后的异步回调地址
$outTradeNo = date("YmdHis").uniqid(); //商品订单号
//取商品名称和金额
$payAmount = ''; //付款金额,单位:元
$orderName = ''; //订单标题
//发起支付
$aliPay = new IndexService();
$aliPay->setAppid($appid);
$aliPay->setNotifyUrl($notifyUrl);
$aliPay->setRsaPrivateKey($rsaPrivateKey);
$aliPay->setTotalFee($payAmount);
$aliPay->setOutTradeNo($outTradeNo);
$aliPay->setOrderName($orderName);
$result = $aliPay->doPay();
$result = $result['alipay_trade_precreate_response'];
if($result['code']=='10000'){
$url = 'https://wenhairu.com/static/api/qr/?size=300&text='.$result['qr_code'];
echo "<img src='{$url}' style='width:300px;'><br>";
echo '二维码内容:'.$result['qr_code'];
}
//IndexService类
class IndexService
{
protected $appId;
protected $notifyUrl;
protected $charset;
//私钥值
protected $rsaPrivateKey;
protected $totalFee;
protected $outTradeNo;
protected $orderName;
public function __construct()
{
$this->charset = 'utf-8';
}
public function setAppid($appid)
{
$this->appId = $appid;
}
public function setNotifyUrl($notifyUrl)
{
$this->notifyUrl = $notifyUrl;
}
public function setRsaPrivateKey($saPrivateKey)
{
$this->rsaPrivateKey = $saPrivateKey;
}
public function setTotalFee($payAmount)
{
$this->totalFee = $payAmount;
}
public function setOutTradeNo($outTradeNo)
{
$this->outTradeNo = $outTradeNo;
}
public function setOrderName($orderName)
{
$this->orderName = $orderName;
}
/**
* 发起订单
* @return array
*/
public function doPay(): array
{
//请求参数
$requestConfigs = array(
'out_trade_no'=>$this->outTradeNo,
'total_amount'=>$this->totalFee, //单位 元
'subject'=>$this->orderName, //订单标题
'timeout_express'=>'2h' //该笔订单允许的最晚付款时间,逾期将关闭交易。取值范围:1m~15d。m-分钟,h-小时,d-天,1c-当天(1c-当天的情况下,无论交易何时创建,都在0点关闭)。 该参数数值不接受小数点, 如 1.5h,可转换为 90m。
);
$commonConfigs = array(
//公共参数
'app_id' => $this->appId,
'method' => 'alipay.trade.precreate', //接口名称
'format' => 'JSON',
'charset'=>$this->charset,
'sign_type'=>'RSA2',
'timestamp'=>date('Y-m-d H:i:s'),
'version'=>'1.0',
'notify_url' => $this->notifyUrl,
'biz_content'=>json_encode($requestConfigs),
);
$commonConfigs["sign"] = $this->generateSign($commonConfigs, $commonConfigs['sign_type']);
$result = $this->curlPost('https://openapi.alipay.com/gateway.do?charset='.$this->charset,$commonConfigs);
return json_decode($result,true);
}
public function generateSign($params, $signType = "RSA"): ?string
{
return $this->sign($this->getSignContent($params), $signType);
}
protected function sign($data, $signType = "RSA") {
$priKey=$this->rsaPrivateKey;
$res = "-----BEGIN RSA PRIVATE KEY-----\n" .
wordwrap($priKey, 64, "\n", true) .
"\n-----END RSA PRIVATE KEY-----";
($res) or die('您使用的私钥格式错误,请检查RSA私钥配置');
if ("RSA2" == $signType) {
openssl_sign($data, $sign, $res, version_compare(PHP_VERSION,'5.4.0', '<') ? SHA256 : OPENSSL_ALGO_SHA256); //OPENSSL_ALGO_SHA256是php5.4.8以上版本才支持
} else {
openssl_sign($data, $sign, $res);
}
$sign = base64_encode($sign);
return $sign;
}
/**
* 校验$value是否非空
* if not set ,return true;
* if is null , return true;
**/
protected function checkEmpty($value): bool
{
if (!isset($value))
return true;
if (trim($value) === "")
return true;
return false;
}
public function getSignContent($params): string
{
ksort($params);
$stringToBeSigned = "";
$i = 0;
foreach ($params as $k => $v) {
if (false === $this->checkEmpty($v) && "@" != substr($v, 0, 1)) {
// 转换成目标字符集
$v = $this->characet($v, $this->charset);
if ($i == 0) {
$stringToBeSigned .= "$k" . "=" . "$v";
} else {
$stringToBeSigned .= "&" . "$k" . "=" . "$v";
}
$i++;
}
}
unset ($k, $v);
return $stringToBeSigned;
}
/**
* 转换字符集编码
* @param $data
* @param $targetCharset
* @return string
*/
function characet($data, $targetCharset) {
if (!empty($data)) {
$fileType = $this->charset;
if (strcasecmp($fileType, $targetCharset) != 0) {
$data = mb_convert_encoding($data, $targetCharset, $fileType);
//$data = iconv($fileType, $targetCharset.'//IGNORE', $data);
}
}
return $data;
}
public function curlPost($url = '', $postData = '', $options = array())
{
if (is_array($postData)) {
$postData = http_build_query($postData);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_setopt($ch, CURLOPT_TIMEOUT, 30); //设置cURL允许执行的最长秒数
if (!empty($options)) {
curl_setopt_array($ch, $options);
}
//https请求 不验证证书和host
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
}2、notify.php
<?php
$alipayPublicKey = ''; //支付宝公钥
$aliPay = new NotifyService($alipayPublicKey);
//验证签名
$result = $aliPay->rsaCheck($_POST);
if($result===true && $_POST['trade_status'] == 'TRADE_SUCCESS'){
//这里填写支付成功的相关业务逻辑,可能需要用到的以下参数
//商家订单号 $_POST['out_trade_no']
//订单金额 $_POST['total_amount']
//告诉支付宝,我已经处理好了
echo 'success';exit();
}
echo 'error';exit();
//NotifyService类
class NotifyService
{
//支付宝公钥
protected $alipayPublicKey;
protected $charset;
public function __construct($alipayPublicKey)
{
$this->charset = 'utf8';
$this->alipayPublicKey=$alipayPublicKey;
}
/**
* 验证签名
**/
public function rsaCheck($params): ?bool
{
$sign = $params['sign'];
$signType = $params['sign_type'];
unset($params['sign_type']);
unset($params['sign']);
return $this->verify($this->getSignContent($params), $sign, $signType);
}
function verify($data, $sign, $signType = 'RSA') {
$pubKey= $this->alipayPublicKey;
$res = "-----BEGIN PUBLIC KEY-----\n" .
wordwrap($pubKey, 64, "\n", true) .
"\n-----END PUBLIC KEY-----";
($res) or die('支付宝RSA公钥错误。请检查公钥文件格式是否正确');
//调用openssl内置方法验签,返回bool值
if ("RSA2" == $signType) {
$result = (bool)openssl_verify($data, base64_decode($sign), $res, version_compare(PHP_VERSION,'5.4.0', '<') ? SHA256 : OPENSSL_ALGO_SHA256);
} else {
$result = (bool)openssl_verify($data, base64_decode($sign), $res);
}
// if(!$this->checkEmpty($this->alipayPublicKey)) {
// //释放资源
// openssl_free_key($res);
// }
return $result;
}
/**
* 校验$value是否非空
* if not set ,return true;
* if is null , return true;
**/
protected function checkEmpty($value): bool
{
if (!isset($value))
return true;
if (trim($value) === "")
return true;
return false;
}
public function getSignContent($params): string
{
ksort($params);
$stringToBeSigned = "";
$i = 0;
foreach ($params as $k => $v) {
if (false === $this->checkEmpty($v) && "@" != substr($v, 0, 1)) {
// 转换成目标字符集
$v = $this->characet($v, $this->charset);
if ($i == 0) {
$stringToBeSigned .= "$k" . "=" . "$v";
} else {
$stringToBeSigned .= "&" . "$k" . "=" . "$v";
}
$i++;
}
}
unset ($k, $v);
return $stringToBeSigned;
}
/**
* 转换字符集编码
* @param $data
* @param $targetCharset
* @return string
*/
function characet($data, $targetCharset): string
{
if (!empty($data)) {
$fileType = $this->charset;
if (strcasecmp($fileType, $targetCharset) != 0) {
$data = mb_convert_encoding($data, $targetCharset, $fileType);
//$data = iconv($fileType, $targetCharset.'//IGNORE', $data);
}
}
return $data;
}
}